Storing and accessing data in a mobile device and a user module

ABSTRACT

The invention relates to methods for storing and accessing user data ( 48 ) and configuration data ( 62 ) in a mobile device ( 10 ) that is connected to a user module ( 12 ). According to a first aspect of the invention, the user data ( 48 ) is stored in the mobile device ( 10 ) at least partially in encrypted form, and is decrypted, in access operations, using a decrypting function ( 66 ) of the user module ( 12 ). According to a second aspect of the invention, the configuration data ( 62 ) is stored in the user module ( 12 ). The configuration data ( 62 ) indicates whether, or to what extent, an application program ( 46 ) is allowed to be executed by the mobile device ( 10 ). Security and protection against unauthorised access to user data ( 48 ) and application programs ( 46 ) in the mobile device ( 10 ) are increased by the invention.

CROSS REFERENCE TO RELATED APPLICATIONS

This application is a National Stage of International Application No.PCT/EP02/13627, filed Dec. 2, 2002.

FIELD OF THE INVENTION

The invention relates generally to the technical field of storing andaccessing data in mobile devices, as well as in user modules for devicesof this type. Mobile devices that provide the user with bothtelecommunications functions (for example, the transfer of speech and/ordata via a telecommunications network) and application programs (forexample, an appointment scheduler or a text editor) are a preferred areaof application of the invention. Mobile devices of this type may, inparticular, be configured as powerful mobile telephones or as PDAs(personal digital assistants).

BACKGROUND OF THE INVENTION

German laid-open application DE 197 24 901 A1 discloses a mobiletelephone to the GSM standard (GSM=global system for mobilecommunication). The mobile telephone comprises a control unit, a devicememory and an interface for a subscriber identity module (SIM). Userdata, such as address lists, turnover data or price lists, for example,may be loaded into the device memory via a line connection to acomputer. It is also possible to load programs (not described in greaterdetail) into the device memory via the line connection, and subsequentlyto execute them through the mobile telephone. Data may be transferred inan integrity-assured or encrypted form.

When GSM mobile telephones are switched on, there is generally anauthorisation check, wherein the user has to enter a personal secretnumber (PIN=personal identification number). The full user interface,including the option to access the user data stored in the mobiletelephone, is only enabled if the secret number is entered correctly.Most confidential user data is therefore secure to a certain degree.There is, however, the problem that sufficiently devoted criminals areable to get round this security. Memory components of mobile telephonesmay, for example, be read out directly at hardware level usingappropriate devices.

It is particularly beneficial to store user data in a mobile device ifthe mobile device is also set up to execute application programs forprocessing this user data. Powerful GSM mobile telephones and PDAsnowadays have this functionality. Because of the high transfer speeds ofmobile devices of the 2.5th and 3rd generations, such as, for example,devices for the GPRS (general packet radio service), EDGE, UMTS(universal mobile telecommunications system) and WCDMA (widebandcode-division multiple access) networks, application programs may beloaded and/or updated from a service provider into the mobile device viathe air interface.

Said mobile devices are beset with problems and require improvement innumerous respects. In the first place, it should be possible to preventunauthorised access to application programs. It should therefore beensured that only the authorised user may call an application program,or individual secured functions of the application program. Secondly, itwould be desirable to be able to offer the user a selection of functionsthat was tailored as closely as possible to his requirements. Thirdly,the provided functions should be as device-independent as possible.

SUMMARY OF THE INVENTION

An object of the invention is to solve said problems, completely or inpart. A further object of the invention is to increase, in particular,security and protection against unauthorised access to user data andapplication programs in a mobile device. Yet a further object inpreferred configurations of the invention is to provide a high degree ofuser convenience. Yet a further object in preferred configurations ofthe invention is that the invention is capable of being implementedcost-effectively.

According to a first aspect of the invention, the above objects areachieved, completely or in part, by a method for storing and accessinguser data in a mobile device, the mobile device comprising a devicememory and being connected to a user module via an interface, whereinthe user data is stored in the device memory of the mobile device atleast partially in encrypted form, and at least the decryption of theuser data in access operations is performed using a decrypting function,which is provided by the user module and which is executed, at least inpart, by a processor unit of the user module.

Further according to the first aspect of the invention, the aboveobjects are achieved, completely or in part, by a mobile devicecomprising a device memory and an interface for connecting a usermodule, the device memory comprising at least one region for storinguser data in at least partially encrypted form, wherein the mobiledevice is set up to use a decrypting function at least for decryptingthe user data in access operations, the decrypting function beingprovided by the user module and being executed, at least in part, by aprocessor unit of the user module.

Further according to the first aspect of the invention, the aboveobjects are achieved, completely or in part, by a user module comprisinga processor unit and being set up to be connected to a mobile device viaan interface, the mobile device comprising a device memory having atleast one region for storing user data in at least partially encryptedform, wherein the user module is set up to provide the mobile device viathe interface with a decrypting function at least for decrypting theuser data in access operations, the decrypting function being executed,at least in part, by the processor unit of the mobile device.

According to a second aspect of the invention, the above objects areachieved, completely or in part, by a method for storing and accessingconfiguration data and for executing at least one application program ina mobile device, the mobile device comprising a device memory for theapplication program and being connected, via an interface, to a usermodule comprising a module memory, wherein the configuration dataconcerns at least the availability of the application program, or ofindividual functions thereof, and the configuration data is stored inthe module memory and is read out therefrom, in order to determinewhether, or to what extent, the application program will be executed.

Further according to the second aspect of the invention, the aboveobjects are achieved, completely or in part, by a mobile devicecomprising a device memory for an application program and beingconnected, via an interface, to a user module comprising a modulememory, wherein configuration data, which concern at least theavailability of the application program, or of individual functionsthereof, may be read out from the module memory via the interface, andwherein the mobile device is set up to determine, depending on theconfiguration data read out from the module memory, whether, or to whatextent, the application program will be executed.

Further according to the second aspect of the invention, the aboveobjects are achieved, completely or in part, by a user module comprisinga module memory and being set up to be connected via an interface to amobile device, the mobile device comprising a device memory for anapplication program, wherein the user module is set up to storeconfiguration data in the module memory, the configuration dataconcerning at least the availability of the application program, or ofindividual functions thereof, and wherein the user module is set up toallow the mobile device to read out the configuration data via theinterface in order to determine whether, or to what extent, theapplication program will be executed.

The invention starts from the basic idea of meeting the above-mentionedsecurity requirements by storing user data and configuration data,respectively, in a suitable manner.

The first aspect of the invention relates to storing user data. Saiddata is stored, according to the invention, in encrypted form in thedevice memory of the mobile device. Corresponding functions, which areprovided by the user module, are used at least to decrypt (and, inpreferred configurations, also to encrypt) the user data.

Because all of the user data in the memory of the mobile device is inencrypted form only, said data is protected from prying eyes even if anunauthorised user bypasses the normal user interface of the mobiledevice to access the content of the device memory. The device memory,which is generally quite large, may be used to store user data withoutconcerns for security, whereby relatively large amounts of data andcomplex data structures may be carried in the mobile device.

The user data to be stored according to the invention may be any datathat the user desires. Preferably, it is data that may also be processedby an application program that runs on the mobile device, such as, forexample, appointment and address lists for processing by an appointmentscheduler having an address book function, business tables forprocessing, for example, by spreadsheet programs, speech data generated,for example, by dictation recording programs, or general texts forprocessing by text editors. It may also be desirable to store user datafor which there is no appropriate application program available in themobile device. In this case, the mobile device acts as a secure datacarrier for exchanging user data between the workplace and a homeoffice, for example.

In preferred configurations, the encrypting and decrypting functions areexecuted, completely or in part, by a processor unit of the user module,wherein the processor unit accesses key data that is contained in amodule memory. The key data does not need to leave the user module inthese configurations, allowing a particularly high degree of security tobe obtained. This is the case, in particular, if the key data is alsogenerated within the user module and written into the module memory.There are, however, also configurations of the invention wherein atleast the encrypting, and optionally also the decrypting, of the userdata is/are executed, completely or in part, by a processor unit of themobile device, to which the encrypting and/or decrypting functionsprovided by the user module are transferred.

Preferably, an asymmetrical encrypting method, such as, for example, theRSA (Rivest-Shamir-Adleman) method is used. In this case, the key datacomprises a public key and a private key. There are, however, alsoconfigurations wherein symmetrical encryption methods are used. Inconceptual terms, reference is made to “encrypting and decryptingfunctions” in these configurations also, even though the samecalculation steps are executed in both cases.

According to the invention, the user module is required at least forexecuting the decrypting steps. This in itself provides a certain degreeof protection, as the user module and the mobile device may be keptseparate. In preferred embodiments, it is, however, provided that atleast the decrypting function is not enabled until a password(passphrase) has been entered and/or a biometric test, such as, forexample, verification of a finger print or speech analysis, has beencarried out. Through this measure, data security is ensured even if boththe mobile device and the user module are mislaid.

The second aspect of the invention relates to the use of configurationdata when executing an application program in the mobile device. Thisaspect is based on the basic idea of indicating, by means of theconfiguration data, the availability of the entire application program,or of individual functions of the application program. The configurationdata is stored in the user module, while the application program iscontained in the mobile device. The application program is executed onlyif, or to the extent that, it is indicated by the configuration data.

The teaching according to the invention offers protection againstunauthorised execution of the application program or of individualprogram functions, because, in addition to the mobile device, the usermodule, with the corresponding configuration data allowing the programto be executed, is also always required. The invention also creates thetechnical basis for providing a program configuration that is tailoredprecisely to the requirements of the user. This is important, inparticular, if there is a fee, which is dependent on the functionalityprovided, to be paid for using the program, as is the case, for example,with ASP schemes (ASP=application service providing). As theconfiguration data is stored, according to the invention, in the usermodule, the user may set up the configuration that he desires in anycompatible mobile device, simply by plugging in the user module.

The term “application program”, as it is used here, refers, inparticular, to programs that execute data processing functions withregard to the above-mentioned user data. If the mobile device is adevice with telecommunication functions, the application programs arepreferably independent of these telecommunication functions, or may atleast also be used for other purposes. Examples of typical applicationprograms include appointment schedulers, address books, text editors,spreadsheet programs, databases, dictation recording programs, etc. Theterm “application programs”, as it is used here, also includes programsthat only provide user interfaces for the above-mentioned or similarapplications (while the actual data processing is executed through theserver of an ASP provider). In some configurations, browsers and viewersare also provided for displaying documents, in a formatted manner, asapplication programs. Application programs may, however, also beplayback programs for multimedia content—in MP3 format, for example.

In order to further increase protection against unauthorised executionof the application programs, the read-out of the configuration data ispreferably protected by a password and/or a biometric test, such as avoice or fingerprint analysis, for example. In this case, the usermodule only releases the configuration data, and thus allows thecorresponding application program or the corresponding program functionto be executed, if the user has provided sufficient evidence of hisidentity through the password and/or his biometric data.

The functionality according to the invention may also be used withmobile devices that contain one or more fixedly stored applicationprograms. The configuration data is, however, preferably also used tocontrol the loading of application programs, or at least of partsthereof, into the mobile device. In mobile devices that comprisepowerful functions for wireless data transfer, in particular, theapplication programs or the required program modules may be loaded froman external service provider via the air interface. This option isparticularly advantageous in conjunction with ASP schemes. It isconsiderably more convenient for the user if he may initiate automaticloading of the required application programs corresponding to hisconfiguration, simply by using the user module on any compatible mobiledevice. Non-proprietary loading of application programs is supported byusing programming languages that operate independently of the computerplatform, as is the case, for example, with Java®.

A combination of said two aspects of the invention is particularlyadvantageous, as this provides protection against unauthorised access touser data and protection against unauthorised execution of applicationprograms.

In preferred configurations of the above-mentioned two aspects, themobile device is a telecommunications device, in particular a mobiletelephone or a personal digital assistant (PDA) having telephonefunctions. The user module is preferably a subscriber identity module(SIM), as is required for logging into a telecommunications network. Auser module may, in particular, be provided that is protected frommanipulation as a so-called trusted device or tamper-resistant device,so that encrypting and decrypting functions, or encrypted data, orconfidential configuration data is/are protected from prying eyes. Asubscriber identity module may be used even if the mobile device doesnot have any telephone functions or the module is not registered with atelephone provider, as modules of this type are produced in largenumbers and may therefore be obtained relatively cheaply.

The mobile device and the user module are preferably further developedwith features that correspond to the above-described features and/orfurther features.

BRIEF DESCRIPTION OF THE DRAWINGS

Further features, advantages and objects of the invention will emergefrom the following detailed description of an embodiment of theinvention and of a plurality of alternative configurations. Referencewill be made to the drawing, in which FIG. 1 shows a block diagram ofessential functional units of a system according to the embodiment ofthe invention that is described herein.

DETAILED DESCRIPTION OF EMBODIMENTS OF THE INVENTION

FIG. 1 shows a mobile device 10 and a user module 12, which areconnected to each other via an interface 14. In the present embodiment,the mobile device 10 is configured as a powerful mobile telephone, whichprovides telecommunication functions to the GSM standard for telephoneservices and the GPRS standard for data transfer services. The usermodule 12 is accordingly configured as a SIM card, which is insertedinto the mobile telephone or arranged fixedly in the mobile telephone.The mobile device 10 is able to access a correspondingtelecommunications network 18 via an air interface 16. In alternativeconfigurations, the mobile device 10 is configured according to anenhanced mobile telephony standard, such as UMTS, and/or as a personaldigital assistant (PDA), which may also be multimedia-capable.

In a manner known per se, the mobile device 10 comprises ahigh-frequency component 20, which sends and receives radio waves via anantenna 22. A digital signal processor (DSP) 24 is used to process thetransmitted or received signal. The digital signal processor 24 alsoprocesses low-frequency signals, which are directed to a loudspeaker 28via a low-frequency component 26, or are sent from a microphone 30, viathe low-frequency component 26, to the digital signal processor 24. Aprocessor unit 32 coordinates all of the operations taking place in themobile device 10. The processor unit 32 is connected to the interface14, the digital signal processor 24, a display 34, configured here as agraphic-capable LCD display, a keyboard 36 and a device memory 38. Thedevice memory 38 may be configured in a fixedly installed or removablemanner—in the form of a memory card, for example.

The device memory 38 is implemented by means of a plurality ofsemiconductor chips in various memory technologies. In the conceptualrepresentation of FIG. 1, the device memory 38 comprises a read-onlyregion 40 (implemented, for example, as a mask-programmed ROM) and awritable region 42, implemented, for example, as a RAM or EEPROM orFLASH memory. The read-only region 40 of the device memory 38 contains,in particular, operating programs 44, which are executed by theprocessor unit 32 as the basic operating system of the mobile device 10,as well as for implementing telecommunication functions. Applicationprograms 46 and user data 48 are loaded into the writable region 42.

FIG. 1 shows, as an example of the application programs 46, anappointment scheduler 46.1 (having an address book function) and a texteditor 46.2. An appointment and address list 48.1 for the appointmentscheduler 46.1 and a letter 48.2 for the text editor 46.2 are shown asuser data 48 in FIG. 1. The application programs 46 are executed by theprocessor unit 32 and access the user data 48. The user data 48 isstored in encrypted form in the device memory 38, as indicated byhatching in FIG. 1.

The user module 12 is configured as an SIM (subscriber identity module)for the telecommunications network 18, and the interface 14 alsocorresponds mechanically and electrically to the standards provided forthis telecommunications network 18. The user module 12 comprises aprocessor unit 50, which is configured as a microcontroller and isintegrated with a module memory 52 on a single chip. The module memory52 is sub-divided, by various memory technologies, into a read-onlyregion 54 and a writable region 56.

The module memory 52 contains control programs and data, which, firstly,provide basic operating system functions for the user module 12 and,secondly, allow the log-in and the telecommunications operation of themobile device 10 with regard to the telecommunications network 18. Forthe sake of clarity, these control programs and data are not shownseparately in FIG. 1. Cryptographic functions 58 in the read-only region54 of the module memory 52, and key data 60 and configuration data 62 inthe writable region 56, are particularly relevant for the aspectsaccording to the invention of the embodiment described here, and aretherefore shown in FIG. 1.

The cryptographic functions 58 include an encrypting function 64, adecrypting function 66 and a key generating function 68. The key data 60is divided into a public key 70 and a private key 72. The configurationdata 62 comprises a corresponding configuration data record for eachapplication program 46 provided in the mobile device 10, i.e. in theembodiment described here, a configuration data record 62.1 for theappointment scheduler 46.1 and a configuration data record 62.2 for thetext editor 46.2.

In operation, the system shown in FIG. 1 provides the conventionaltelecommunication functions corresponding to the respective standards,in the present case GSM and GPRS. In addition, the user may start theapplication programs 46, and process the user data 48 or other datatherewith.

In order to provide the application programs 46, the mobile device 10accesses the configuration data 62 in the user module 12 when the mobiledevice 10 is switched on or, at the latest, when the user wishes tostart an application program 46. This access takes place via theprocessor unit 50 of the user module 12, which, in turn, requires that apassword is entered before it allows the access. The password request isdisplayed on the display 34 of the mobile device 10, and the user entersthe corresponding password via the keyboard 36. The processor unit 50checks that the password entered is the correct one.

If the user has entered the correct password, the user module 12transfers the requested configuration data 62 (either all of theconfiguration data 62 or only the data record 62.1, 62.2 provided forthe respective application program 46.1, 46.2) to the mobile device 10.The processor unit 32 then checks whether, according to the transferredconfiguration data 62, 62.1, 62.2, it is permissible to executeapplication programs 46 or the specifically requested applicationprogram 46.1, 46.2. If so, the program execution is allowed.

If the desired application program 46.1, 46.2 is already located in thedevice memory 38, the program may be started immediately. Otherwise, therequired program or user data, for which a fee may be charged, is loadedinto the device memory 38 via the air interface 16 and thetelecommunications network 18 from a server of an ASP provider. Thisdownload process also has to be authorised by the user module 12, whichacts as a so-called gatekeeper. Even if the desired application program46.1, 46.2 is already contained in the device memory 38, a request maynevertheless be placed with the ASP service provider, via the airinterface 16, firstly to transfer billing data and secondly to importany program updates, which may be available, into the mobile device 10.

In the embodiment described here, the configuration data 62 concerns notonly the basic user authorisations, but also preferred settings of theapplication programs 46, such as, for example, preset file paths,language settings, menu configurations and other user preferences. Thesesettings are made accessible to the started application program 46, sothat the user always works with the program configuration that hedesires. This is true even if the user connects his user module 12 to anew or different mobile device 10.

If application programming interfaces (APIs) become sufficientlystandardised, as is expected in the medium term using the programminglanguage Java®, for example, ASP providers will be able to offerapplication program services that are individually tailored to each userand are independent of the mobile device 10 used. A high level ofsecurity will also be obtained, as all of the application programs 46may only be called if the user module 12 is present and the password hasbeen entered. In order to prevent the mobile device 10 from beingmisused, in the event of it being stolen when switched on (after theuser has entered the password), it may be provided that, after the userhas been inactive for a predetermined length of time, it is requestedthat the password is re-entered, as is already known per se with screensavers for office computers that are not in use, for example.

In the embodiment described hitherto, an application program 46 wasconsidered as the smallest unit for the authorisation mechanism andoptionally the loading process via the air interface 16. Depending onthe programming technology employed, a finer level of granularity may,however, also be used. The configuration data 62 may thus relate to theauthorisation of the user to execute individual program functions orindividual program modules, for example, and these program functions orprogram modules may, if required, be loaded individually via the airinterface 16. This approach allows, firstly, long loading times to beavoided and, secondly, even more precise tailoring to user preferences.Also, in updating application programs 46 via the air interface 16,preferably only program modules that have actually changed relative tothe version already in the mobile device 10 are transferred.

The user data 48 processed by the application programs 46 are stored inthe device memory 38, either completely or at least partially inencrypted form. The user may, for example, be provided with a filesystem for storing user data 48, wherein individual folders orindividual drives are selectively set for encrypted or unencrypted datastorage. A similar functionality for stationary office computers, whichdoes not employ a user module, is already known from the productPGPdisk®, from the manufacturer Network Associates, Inc.

If an application program 46 were to store user data 48 in a region ofthe file system provided for encryption, this data is transferred fromthe processor unit 32 via the interface 14 to the user module 12. Theprocessor unit 50 of the user module 12 executes the encrypting function64, wherein the public key 70 contained in the key data 60 is used. Theencrypted user data 48 is written into the device memory 38 via theinterface 14 and the processor unit 32.

User data 48 that has been stored in an encrypted form is accessed in acorresponding manner. Here too, the processor unit 50 of the user module12 performs the actual decryption using the decrypting function 66 andthe private key 72. Before this, however, the processor unit 50 requeststhat the user enters a passphrase. Only if the correct passphrase isentered on the keyboard 36 (or the user is correctly biometricallyidentified in another manner), is the decrypting process enabled.

In the embodiment described here, encryption and decryption are carriedout according to an asymmetrical RSA method. In alternativeconfigurations, in contrast, other asymmetrical or symmetricalencryption and decryption methods, or hybrid forms thereof, such assymmetrical encryption using an asymmetrically encrypted key, areprovided. In symmetrical methods, there is no need to distinguishbetween the public key 70 and the private key 72.

In summary, the proposed technology ensures that the encrypted user data48 may only be read out or used if the user module 12 of the authoriseduser is connected to the interface 14, and the user has correctlyidentified himself—by using the passphrase, for example.

In the present embodiment, the entire encryption and decryptionprocedure is carried out by the processor unit 50 of the user module 12,the key data 60 never leaving the user module 12. There are, however,alternative configurations, wherein the encrypting function 64 and thepublic key 70, which does not need to be kept secret, are transferred tothe mobile device 10, so that the encryption process may be carried outby the, generally more powerful, processor unit 32 of the mobile device10. In some alternative configurations, the processor unit 32 may alsobe used for the decryption process, provided that the security of theprivate key 72 is not thereby compromised.

In the present embodiment, the key generating function 68, which is alsoexecuted by the processor unit 50 of the user module 12, is used togenerate the key data 60. In a manner known per se, this programcalculates a pair of public key 70 and private key 72. This measureensures a particularly high degree of data security, as the private key72 does not leave the user module 12 even when the key is beinggenerated.

The embodiment described here is limited neither to a single encryptedregion for the user data 48, nor to a single encryption method. Assumingthat appropriate proof of identity has been furnished, by means of thepassphrase, an encrypted region may, for example, be deactivated at anytime, and thus rendered freely accessible. The region may also beencrypted again with the same or a different user module 12. A pluralityof encrypted regions, optionally with different key pairs and/or ofdifferent sizes, may also be established and managed.

In the present configuration, in particular, which provides an ASPprovider, the encrypted user data 48 may, in addition to being stored inthe mobile device 10, also be transferred via the air interface 16 to aserver of the ASP provider, and be stored there. The user data 48 thatis stored on both sides may be synchronised each time an applicationprogram 46 performs a write access, or if a user session is ended, or ifexplicitly requested by the user. The user then has, on the one hand,rapid access to the locally stored user data 48 and is, on the otherhand, independent of the mobile device 10 used, as he may also retrievethe user data 48 that is stored with the ASP provider using any othermobile device.

In some configurations, it may also be provided to leave a component ofthe key with the network operator or the ASP provider. After the mobiledevice 10 has been successfully logged into the telecommunicationsnetwork 18, this component of the key is transferred via the airinterface 16, so that the network operator or ASP provider sharescontrol of certain user data 48 stored in the mobile device 10 with theuser.

1. Method for storing and accessing user data in a mobile device, themobile device comprising a device memory and being connected to a usermodule via an interface, said method comprising steps of: storing theuser data in the device memory of the mobile device at least partiallyin encrypted form; and performing at least the decryption of the userdata in access operations using a decrypting function provided by theuser module and which is executed, at least in part, by a processor unitof the user module; wherein the decrypting function uses a user datadecryption key for decrypting the user data, wherein the user datadecryption key is stored in the user module and does not leave the usermodule during the procedure of decrypting the user data.
 2. Methodaccording to claim 1, wherein the encryption of the user data in storageoperations is performed using an encrypting function, which is providedby the user module.
 3. Method according to claim 1, wherein theencryption of the user data in storage operations is performed using anencrypting function, which is provided by the user module, the usermodule comprises a module memory, in which the encrypting and decryptingfunctions provided by the user module, as well as key data used by thesefunctions, are contained, and the encrypting and decrypting functionsare executed, at least in part, by a processor unit of the user module.4. Method according to claim 3, wherein at least one function forgenerating the key data and for writing the key data into the modulememory is provided by the user module.
 5. Method according to claim 1,wherein at least the execution of the decrypting function is protectedby at least one of a password and a biometric test.
 6. Method accordingto claim 1, wherein the mobile device is a device that is also set upfor telecommunications functions.
 7. Method according to claim 1,wherein the mobile device is one of a mobile telephone and a personaldigital assistant.
 8. Method according to claim 1, wherein the usermodule is a subscriber identity module that is also provided for logginginto a telecommunications network.
 9. Method according to claim 1,wherein the mobile device executes at least an application program thatis one of an appointment scheduler, an address book management program,a text editor, a spreadsheet program, a database management program, adictation recording program, a browser, a document viewer, a playbackprogram for multimedia content, and a program that provides an userinterface for any one of an appointment scheduler, an address book, atext editor, a spreadsheet program, a database and a dictation recordingprogram.
 10. Method according to claim 9, wherein the applicationprogram processes the user data.
 11. A mobile device comprising: adevice memory comprising at least one region for storing user data in atleast partially encrypted form; and an interface for connecting to auser module; wherein the mobile device is set up to use a decryptingfunction at least for decrypting the user data in access operations, thedecrypting function being provided by the user module and beingexecuted, at least in part, by a processor unit of the user module, andthe decrypting function uses a user data decryption key for decryptingthe user data, wherein the user data decryption key is stored in theuser module and does not leave the user module during the procedure ofdecrypting the user data.
 12. Mobile device according to claim 11,wherein the mobile device is one of a mobile telephone and a personaldigital assistant.
 13. Mobile device according to claim 11, wherein themobile device is set up to execute at least an application program thatis one of an appointment scheduler, an address book management program,a text editor, a spreadsheet program, a database management program, adictation recording program, a browser, a document viewer, a playbackprogram for multimedia content, and a program that provides an userinterface for any one of an appointment scheduler, an address book, atext editor, a spreadsheet program, a database and a dictation recordingprogram.
 14. Mobile device according to claim 13, wherein theapplication program is set up to process the user data.
 15. Mobiledevice according to claim 11, wherein the user module is a subscriberidentity module for a telecommunications network.
 16. User modulecomprising a processor unit and being set up to be connected to a mobiledevice via an interface, the mobile device comprising a device memoryhaving at least one region for storing user data in at least partiallyencrypted form, wherein the user module is set up to provide the mobiledevice via the interface with a decrypting function at least fordecrypting the user data in access operations, the decrypting functionbeing executed, at least in part, by the processor unit of the usermodule, and the decrypting function uses a user data decryption key fordecrypting the user data, wherein the user data decryption key is storedin the user module and does not leave the user module during theprocedure of decrypting the user data.
 17. User module according toclaim 16, wherein the user module is a subscriber identity module for atelecommunications network.